MDVSA-2008:233 -- Mandriva libcdaudioID: oval:org.secpod.oval:def:301380 | Date: (C)2012-01-07 (M)2021-06-02 |
Class: PATCH | Family: unix |
A heap overflow was found in the CDDB retrieval code of libcdaudio, which could result in the execution of arbitrary code . In addition, the fixes for CVE-2005-0706 were not applied to newer libcdaudio packages as shipped with Mandriva Linux, so the patch to fix that issue has been applied to 2008.1 and 2009.0 . This issue is a buffer overflow flaw found by Joseph VanAndel. Corporate 3.0 has this fix already applied. The updated packages have been patched to prevent these issues.
Platform: |
Mandriva Linux 2009.0 |
Mandriva Linux 2008.1 |